Comments (4)
Program [will consume stubs/headers from PAL work]
Create - Alloc
Open - AccessCheck
ProgramInit
GetProperties
LoadMachineCode - allocating a read only executable page
CreateAndAttachToHook
Pin/Unpin
Uninit/Cleanup [ref count hits 0, the rundown logic]
from ebpf-for-windows.
Looks like the functions to convert SDDL -> SECURITY_DESCRIPTOR aren't in the DDK. Are we ok with passing a self-relative SECURITY_DESCIPTOR instead of an SDDL?
from ebpf-for-windows.
The EbpfIoDevice device object is restricted to:
//
// SDDL_DEVOBJ_SYS_ALL_ADM_ALL allows the kernel, system, and admin complete
// control over the device. No other users may access the device
//
So adding an additional access check here is redundant.
from ebpf-for-windows.
Closing this as an additional access check is pointless given that this API can only be called by admin, kernel or local system.
If we ever loosen the restrictions on the device object, revisit this.
from ebpf-for-windows.
Related Issues (20)
- Workflow failed - fault_injection_full HOT 1
- _ebpf_link_instance_invoke_batch_begin/_ebpf_link_instance_invoke_batch_end use expensive EX_RUNDOWN_REF HOT 1
- ebpf_validate_attach_provider_data is too restrictive
- ebpf_performance triggers bug in usersim that breaks epoch logic
- Attempting to write BPF programs for multiple extensions at once fails in ebpf_program_set_program_info_hash HOT 1
- Copyright check requires Microsoft but CLA does not
- bpf2c doesn't generate well-formatted code for tail calls HOT 1
- Scheduled eBPF release is due HOT 1
- Fuzzing the verifier using debugging builds is inefficient HOT 1
- Add versioning in the native module NMR structs
- Support BPF dynamic pointers
- Workflow failed - core_helper_fuzzer HOT 1
- Add `total_size` field in `ebpf_extension_header_t` HOT 2
- Support multiple eBPF programs in the same section HOT 1
- Workflow failed - driver_native_only_ws2022
- Workflow failed - driver_native_only_ws2019
- Workflow failed - km_performance
- Workflow failed - driver_ws2022
- Workflow failed - driver_ws2019
- Workflow failed - regression_driver_ws2022
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ebpf-for-windows.